Overview

• Murex reported the intrusion, took the health platform offline for maintenance, and Polizia Postale opened an investigation to trace the attackers and neutralize the phishing link.
• Victims received emails posing as the non‑existent Monza firm CreditLex srl that demanded payment of alleged healthcare arrears within five days.
• The fraudulent messages leveraged real personal details and recent clinical information, including prescriptions and exam records, to appear legitimate.
• The portal is widely used by general practitioners and patients for National Health Service prescriptions and access to medical records, raising operational and privacy concerns.
• Authorities advise deleting the emails and not providing payment or card data, and early leads suggest Eastern European cybercriminal groups while the number of affected patients remains undetermined.